From owner-freebsd-hackers  Sat Sep  8 18: 1:22 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id E5E9237B405
	for <freebsd-hackers@FreeBSD.ORG>; Sat,  8 Sep 2001 18:01:18 -0700 (PDT)
Received: from localhost (arr@localhost)
	by fledge.watson.org (8.11.6/8.11.5) with SMTP id f8910g514575;
	Sat, 8 Sep 2001 21:00:42 -0400 (EDT)
	(envelope-from arr@watson.org)
Date: Sat, 8 Sep 2001 21:00:41 -0400 (EDT)
From: "Andrew R. Reiter" <arr@watson.org>
To: Giorgos Keramidas <charon@labs.gr>
Cc: Sansonetti Laurent <lorenzo@linuxbe.org>, deepak@ai.net,
	freebsd-hackers@FreeBSD.ORG
Subject: Re: Kernel-loadable Root Kits
In-Reply-To: <20010909001951.A6949@hades.hell.gr>
Message-ID: <Pine.NEB.3.96L.1010908205737.14543A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG


:Instead of worrying after the module has been loaded it's much safer
:to run the kernel in securelevel>=1 when modules cannot be loaded
:without a reboot to single-user mode.
:

Not entirely true.  They are called kernel bugs... Not the proper url for
this, but good enough:

	http://julianor.tripod.com/freebsd-kernel-bof.txt



*-------------.................................................
| Andrew R. Reiter 
| arr@fledge.watson.org
| "It requires a very unusual mind
|   to undertake the analysis of the obvious" -- A.N. Whitehead


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message